<?php
session_start();
include '../dbconfig.php';
$username = $_POST['username'];
$password = md5($_POST['password']);
$sql = "SELECT * FROM webmaster WHERE username='$username' and password ='$password'"; $exc = mysql_query($sql);
$num_rows = mysql_num_rows($exc);

if($num_rows > 0){
	$row = mysql_fetch_array($exc);	
	$_SESSION['username'] = $row['username'];
	$_SESSION['uid'] = $row['webmaster_id'];
	header("location: admin.php");
}
else 
{
	$code_error="<BR><FONT COLOR=\"red\">Wrong username & Password.</FONT>";
	$_SESSION['code_error'] = $code_error;
	header("location: index.php");
}

?>